Security and Safe Computing
Read information on IT security including the ability to report a security incident and how to protect yourself.
Digital Certificates (SSL)
A Secure Sockets Layer (SSL) certificate is a signed electronic guarantee that verifies the authenticity of a particular server. It is used for providing webpages through an encrypted connection. This service includes processing, ordering, renewal monitoring and notification.
iAM (Account Self-Service)
The iAM web service provides users the ability to self-service several account functions. These functions include password change, email routing and preferred email address and display name selection. Note: If you have recently changed your password, forget and re-add all UofM wireless networks on all your devices. For more help connecting to on-campus wireless networks, visit our wireless page.
iAM (Duo Account Security)
Duo Account Security or two-factor authentication adds a second layer of security to your online accounts. Verifying your identity using a second factor prevents anyone but you from logging in, even if they know your password.
Note: Access to this service may be limited in compliance with sanctions announced by the Office of Foreign Assets Control.
KnowBe4 Phish Alert Button (PAB)
The Phish Alert Button (PAB) allows users to report suspected phishing emails easily and safely. It appears in all Outlook platforms: desktop apps, mobile apps, and Outlook Web Access (OWA).
Password: How to reset your UofM password
Your password, along with your Universal User ID (UUID), grants access to all the
University's computing resources and online services. This account password should
be unique from every other password you use.
Note: If you have recently changed your password, forget and re-add all UofM wireless networks
on all your devices. For more help connecting to on-campus wireless networks, visit our wireless page.
Report a Technology Incident or Report Internet/Security Abuse
Please report technology related security incidents to ITS for further investigation.
Security incidents include:
• Denial of Service - An attack that prevents or impairs the authorized use of networks,
systems, or applications by exhausting resources
• Malicious Code - A virus, worm, Trojan horse, or other code-based malicious entity
that successfully infects a host
• Unauthorized Access - A person gains logical/physical access without permission
to a network, system, application, data, or other IT resource
• Inappropriate Usage - A person violates acceptable use of any network or computer
policies
• Compromised Personally Identifiable Information (PII) - Information that can be
used to uniquely identify, contact, or locate a single person
or that can be used with other sources to uniquely identify a single individual
Security Awareness Training
Security Awareness Training provides important information to clients to educate them about potential security issues. This training also helps to provide an awareness of University security policies.
Single Sign-On (SSO)
Single Sign-On allows users to access technology resources and services across University systems using a single UUID and password. SSO is centrally maintained to provide both SAML- and CAS-compliant authentication services that limit reuse and exposure to user credentials by multiple services.
Suspicious Account Activity
Suspicious activity (e.g., unexpected DUO prompts or account notifications, replies to emails the user did not send) may suggest that an account has been inappropriately accessed by someone other than the account owner or that an attacker is attempting to gain such unauthorized access. Remember, never share your password with anyone or enter it on unfamiliar webpages. ITS will never ask for your password via email or phone.
VPN - Virtual Private Network
A Virtual Private Network (VPN) is used to securely access University network resources, such as umApps and remote desktop, from the internet.